Re: Running Web Servers In A Chroot Jail



On Sat, 20 Mar 2010 09:08:03 GMT, markhobley@xxxxxxxxxxxxxxxxxxxxxxxxxxx (Mark Hobley) wrote:

Artist <artist@xxxxxxxxxxxxxxxx> wrote:
So I want to know how important it is to run a web server in a jail, and
how prevalent jailing it is.

It depends on which webserver you are running, and how secure your cgi scripts
are. You probably need to do a code audit to determine this at this time.

Trouble is, how does a newbie know quality from crap information?

I think they're aware of security as an abstract notion, but until
their site gets hacked they don't really focus on the details.

PHP is convenient, but it allows laziness and thus tends to encourage
security breaches.

Running a server in a chroot jail seems like damage containment rather
than prevention, no?

I run http and ftp servers here, both are secure and neither offers any
user/pass logins. Glancing through the logs can be an education.

Grant.